package com.shiro.demo.config;

import com.shiro.demo.domain.Permission;
import com.shiro.demo.service.UserRolePermissionService;
import com.shiro.demo.shiro.MyShiroRealm;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.context.properties.ConfigurationProperties;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import java.util.LinkedHashMap;
import java.util.List;
import java.util.Map;

/**
 * @author tracyclock 2017-12-08
 * shiro过滤url的配置
 */
@ConfigurationProperties(prefix = "shiroFilter")
@Configuration
public class ShiroConfig{

    private Logger logger = LoggerFactory.getLogger(this.getClass());

    @Autowired
    private UserRolePermissionService userRolePermissionService;

    //在application.yml配置文件中配置无需登录验证的url
    private Map<String,String> filterChainDefinitionMap = new LinkedHashMap<>();

    public Map<String, String> getFilterChainDefinitionMap() {
        return filterChainDefinitionMap;
    }

    public void setFilterChainDefinitionMap(Map<String, String> filterChainDefinitionMap) {
        this.filterChainDefinitionMap = filterChainDefinitionMap;
    }

    @Bean
    public ShiroFilterFactoryBean shiroFilter(org.apache.shiro.mgt.SecurityManager securityManager) {
        logger.info("ShiroConfig shiroFilter() start~");
        ShiroFilterFactoryBean shiroFilterFactoryBean = new ShiroFilterFactoryBean();
        shiroFilterFactoryBean.setSecurityManager(securityManager);

        //如果不设置默认会自动寻找Web工程根目录下的"/login"页面
        shiroFilterFactoryBean.setLoginUrl("/shiro/login");
        //登录成功后要跳转的链接，备用
        shiroFilterFactoryBean.setSuccessUrl("/shiro/index");
        //未授权界面;
        shiroFilterFactoryBean.setUnauthorizedUrl("/403");

        //filterChainDefinitionMap继续添加需要权限验证的url，可以在类中配置，也能在yml文件配置，这里采用数据库的配置
        //例子：filterChainDefinitionMap.put("/add", "perms[权限添加]");
        //获得数据库需要权限验证的所有信息
        String permissionStr = "perms[%s]";
        List<Permission> permissionList = this.userRolePermissionService.permissionList();
        logger.info("ShiroConfig shiroFilter() permissionList{}",permissionList);

        if(permissionList != null && permissionList.size() > 0){
            for (Permission permission : permissionList) {
                filterChainDefinitionMap.put(permission.getUrl(), String.format(permissionStr,permission.getName()));
            }
        }
        shiroFilterFactoryBean.setFilterChainDefinitionMap(filterChainDefinitionMap);
        return shiroFilterFactoryBean;
    }

    @Bean
    public MyShiroRealm myShiroRealm(){
        MyShiroRealm myShiroRealm = new MyShiroRealm();
        return myShiroRealm;
    }


    @Bean
    public org.apache.shiro.mgt.SecurityManager securityManager(){
        DefaultWebSecurityManager securityManager =  new DefaultWebSecurityManager();
        securityManager.setRealm(myShiroRealm());
        return securityManager;
    }
}
